Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: v5+VXxK77qfg2y5VDLTV7y+kCjeAoQXMsPnuJibx0YE=
Subject key identifier: 37:A9:BD:05:CE:A9:65:69:0F:AF:A7:8E:58:24:54:1C:59:57:9A:83
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 31DB64FBE44C6023786F980295A61B2EE4DC8594
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS3320.roa
Signing time: Thu 11 Apr 2024 18:37:55 +0000
ROA not before: Thu 11 Apr 2024 18:32:55 +0000
ROA not after: Thu 10 Apr 2025 18:37:55 +0000
asID: 3320
IP address blocks: 81.31.210.0/23 maxlen: 24
185.195.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:db:64:fb:e4:4c:60:23:78:6f:98:02:95:a6:1b:2e:e4:dc:85:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Apr 11 18:32:55 2024 GMT
Not After : Apr 10 18:37:55 2025 GMT
Subject: CN=37A9BD05CEA965690FAFA78E5824541C59579A83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:82:1d:c8:c2:cb:e2:c1:f5:fd:ba:3d:3b:
c2:27:95:dd:41:74:6f:29:d6:bd:55:2a:4a:1e:4e:
c4:1f:76:83:4e:68:1a:09:54:ea:84:4d:2f:89:57:
b7:e7:f0:44:64:67:38:2e:db:ee:7a:5c:f1:7e:0d:
e5:6c:7b:24:b4:a1:fc:14:3d:2f:27:6c:c4:68:8c:
5e:97:95:38:d9:75:e5:8d:e2:30:8f:4a:0c:ae:3f:
24:14:54:57:d4:17:1e:ef:3d:07:97:31:67:98:5b:
ee:69:cb:33:25:dc:cd:99:c8:bb:b8:0a:a4:41:75:
9f:58:4d:c7:50:1e:ad:35:a6:09:af:38:98:b2:ae:
11:20:6b:b2:1d:ce:af:1a:c2:55:6e:21:5c:5a:34:
1c:5c:bb:3f:52:fd:1c:f9:c2:c4:4b:5c:65:f2:e7:
57:7e:aa:fc:7a:a6:69:90:db:f1:cb:cd:92:76:8c:
d4:bb:4b:ff:76:5f:f4:34:b8:df:4a:b2:c5:e9:cd:
44:b9:3c:03:09:67:7c:98:4e:4e:2d:7d:c0:dc:19:
31:40:4d:63:8e:d3:f6:84:1c:a3:42:6b:12:51:7a:
2a:09:fc:5d:a4:1c:7f:d3:7d:e4:a8:de:95:f6:40:
bf:1a:70:a9:fe:f0:3b:28:77:68:d9:5b:e5:a6:22:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A9:BD:05:CE:A9:65:69:0F:AF:A7:8E:58:24:54:1C:59:57:9A:83
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.210.0/23
185.195.239.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:75:48:3e:1a:b8:40:34:a5:dd:97:2f:06:3e:c6:ea:92:9d:
31:88:c3:09:d8:ef:31:e8:2c:70:89:1a:b7:cb:2e:f1:36:7f:
5d:16:8e:24:4b:b5:c6:b6:58:98:fb:95:5d:b2:6d:37:70:4e:
60:05:1f:e9:fb:5e:12:76:0e:a2:2a:60:de:3a:e3:e8:e3:68:
5b:1c:b3:e4:95:b4:ed:5c:e9:a2:d7:8e:f3:2b:29:64:71:e0:
f8:0f:d6:d9:e0:98:18:49:d0:88:d7:0b:51:15:56:d3:9b:2f:
f5:df:a1:cf:30:66:96:e2:26:04:c3:44:ba:54:a9:a8:6c:a3:
c1:3f:c4:20:b3:71:16:7c:ce:11:a0:98:5e:90:d6:e3:c6:37:
a9:8a:2d:43:d8:a3:82:bd:a5:72:50:dc:65:e9:95:0c:f8:f9:
c2:98:42:49:5a:05:f6:a7:58:09:92:59:3f:19:bb:1b:ba:2f:
91:39:68:4b:8c:6d:89:2f:06:1d:20:7f:9a:90:73:35:fa:59:
3b:31:59:ac:9c:76:ab:83:77:88:c3:7b:6e:be:04:33:3d:aa:
93:c1:c8:b2:7e:53:fe:60:9a:58:51:70:e2:4c:7f:eb:ea:32:
5d:e4:90:41:69:6b:94:8e:e9:18:85:4b:cf:44:03:00:68:25:
61:b3:6a:4a
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUMdtk++RMYCN4b5gClaYbLuTchZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA0MTExODMyNTVaFw0yNTA0MTAxODM3NTVaMDMxMTAvBgNV
BAMTKDM3QTlCRDA1Q0VBOTY1NjkwRkFGQTc4RTU4MjQ1NDFDNTk1NzlBODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX8YIdyMLL4sH1/bo9O8Inld1B
dG8p1r1VKkoeTsQfdoNOaBoJVOqETS+JV7fn8ERkZzgu2+56XPF+DeVseyS0ofwU
PS8nbMRojF6XlTjZdeWN4jCPSgyuPyQUVFfUFx7vPQeXMWeYW+5pyzMl3M2ZyLu4
CqRBdZ9YTcdQHq01pgmvOJiyrhEga7Idzq8awlVuIVxaNBxcuz9S/Rz5wsRLXGXy
51d+qvx6pmmQ2/HLzZJ2jNS7S/92X/Q0uN9KssXpzUS5PAMJZ3yYTk4tfcDcGTFA
TWOO0/aEHKNCaxJReioJ/F2kHH/TfeSo3pX2QL8acKn+8Dsod2jZW+WmIlFvAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUN6m9Bc6pZWkPr6eOWCRUHFlXmoMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MzMyMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB
/wQWMBQwEgQCAAEwDAMEAVEf0gMEALnD7zANBgkqhkiG9w0BAQsFAAOCAQEAxXVI
Phq4QDSl3ZcvBj7G6pKdMYjDCdjvMegscIkat8su8TZ/XRaOJEu1xrZYmPuVXbJt
N3BOYAUf6fteEnYOoipg3jrj6ONoWxyz5JW07VzpoteO8yspZHHg+A/W2eCYGEnQ
iNcLURVW05sv9d+hzzBmluImBMNEulSpqGyjwT/EILNxFnzOEaCYXpDW48Y3qYot
Q9ijgr2lclDcZemVDPj5wphCSVoF9qdYCZJZPxm7G7ovkTloS4xtiS8GHSB/mpBz
NfpZOzFZrJx2q4N3iMN7br4EMz2qk8HIsn5T/mCaWFFw4kx/6+oyXeSQQWlrlI7p
GIVLz0QDAGglYbNqSg==
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:34 2024 by rpki-client on console-ams.rpki-client.org